PHP :: Bug #38400 :: Use of com.typelib_file in PHP.ini causes A/V

Bug #38400	Use of com.typelib_file in PHP.ini causes A/V
Submitted:	2006-08-09 16:38 UTC	Modified:	2006-10-18 23:47 UTC
From:	willw at applied dot co dot uk	Assigned:
Status:	Closed	Package:	COM related
PHP Version:	5.2.0RC1	OS:	Windows XP SP2
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	willw at applied dot co dot uk
New email:
PHP Version:		OS:

New Comment:

[2006-08-09 16:38 UTC] willw at applied dot co dot uk

Description:
------------
Use of the com.typelib_file to set a text file containing a list of typelibs causes PHP to crash with an A/V at startup.

Occurs both if PHP.exe is run from command line, or from Apache 1 via php5apache.dll. Haven't tried other combos.

This worked ok in PHP4, but seems to fail in all the PHP5s that I have tested. 

Reproduce code:
---------------
Alter a working PHP.ini so that it sets com.typelib_file to point to a text file. To see the bug, the named file must exist, and contain at least one entry. It doesn't matter whether the entry is valid.

PHP.ini:
...
[COM]
com.typelib_file = "C:/PHP/typelib_files.txt"
...

contents of typelib_files.txt:
C:\WinNt\System32\activeds.tlb

Expected result:
----------------
(Expected no crash)

Actual result:
--------------
Backtrace:


NTDLL! 7c901010()
begin_read(_zend_ts_hashtable * 0x00fa4c20 _php_com_typelibraries) line 28 + 12 bytes
zend_ts_hash_find(_zend_ts_hashtable * 0x00fa4c20 _php_com_typelibraries, char * 0x011007e8, unsigned int 0x00000010, void * * 0x0012f764) line 208 + 9 bytes
php_com_load_typelib_via_cache(char * 0x011007e8, int 0x00000000, int * 0x0012f7e8, void * * * 0x00fe5028) line 238 + 25 bytes
OnTypeLibFileUpdate(_zend_ini_entry * 0x01194198, char * 0x0114fbb0, unsigned int 0x00000036, void * 0x00000000, void * 0x00000000, void * 0x00000000, int 0x00000001, void * * * 0x00fe5028) line 149 + 36 bytes
zend_register_ini_entries(_zend_ini_entry * 0x00f3f0c8 ini_entries, int 0x00000003, void * * * 0x00fe5028) line 182 + 56 bytes
zm_startup_com_dotnet(int 0x00000001, int 0x00000003, void * * * 0x00fe5028) line 189 + 18 bytes
zend_startup_module_ex(_zend_module_entry * 0x0115af70, void * * * 0x00fe5028) line 1397 + 28 bytes
zend_hash_apply(_hashtable * 0x00fa6b80 _module_registry, int (void *, void * * *)* 0x00a61780 _zend_startup_module_ex, void * * * 0x00fe5028) line 666 + 16 bytes
zend_startup_modules(void * * * 0x00fe5028) line 1444 + 19 bytes
php_module_startup(_sapi_module_struct * 0x10019410 apache_sapi_module, _zend_module_entry * 0x100197f8 _apache_module_entry, unsigned int 0x00000001) line 1552 + 9 bytes
php_apache_startup(_sapi_module_struct * 0x10019410 apache_sapi_module) line 289 + 19 bytes
php_init_handler(server_rec * 0x003f8ee8, pool * 0x003f8ec0) line 933 + 10 bytes
APACHECORE! 6ff66730()
APACHE! 0040100f()
KERNEL32! 7c816d4f()


Looking at the source, one appears to be able to fix it by editing com_dotnet/com_extension.c. The php_com_typelibraries structure is accessed before it is initialised. Moving the call to zend_ts_hash_init() above REGISTER_INI_ENTRIES() seems to fix it... but may have side effects that I don't understand.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2006-10-18 23:47 UTC] iliaa@php.net

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 12:01:29 2024 UTC